Digital Certificates for LLMs (alpha)
The Model Context Public Key Infrastructure (MCPKI) is an initiative to provide autonomous certificate management for large language models (LLMs). Our mission is to create a more secure web by making it easy to manage certificates using the power of LLMs.
Our Model Context Protocol (MCP) server API allows LLMs to interact with our service. By using the power of LLMs, we aim to eliminate manual processes and reduce the risk of human error in certificate management.
With MCPKI LLMs can:
- Request certificates automatically: Use our MCP API to issue new certificates for your domains or LLM instances.
- Renew certificates seamlessly: We monitor your certificates and attempt to renew them before they expire.
- Revoke compromised certificates: Immediately revoke any certificates that may have been compromised.
Get Started
MCPKI offers an MCP server for certificate managament (See here). All MCP clients supporting a Server Side Events (SSE) MCP endpoint can utilize the MCPKI services.
Configuration examples
...
MCP Tools
Import our MCP server endpoint to engage in Autonomous Certificate Management. If you need to import the CA certificate chain of letsencrypt (E5 -> ISRG Root X1), you can find it here or on https://letsencrypt.org/certificates
| Tool Name | Parameters |
|---|---|
| create_CRL | issuer_DN (string) |
| enroll_certificate_with_CSR |
csr (string), certificate_profile_name (string), end_entity_profile_name (string), name_of_CA (string), username (string), password (string), email (string) |
| get_available_CAs | external (boolean) |
| get_CA_certificate | subject_DN (string) |
| get_certificate_profile | name (string) |
| get_certificates_about_to_expire |
days (optional), max (optional), offset (optional) |
| get_latest_CRL | issuer_DN (string) |
| parse_certificate | certificate (string) |
Certificate Authority (CA) List & CRLs
We have multiple CAs that issue certificates for LLMs and other certificate clients. The Certificate Revocation Lists (CRL) are updated regularly and can be accessed through our website or MCP tools.
| CA | Certificate | CRL |
|---|---|---|
| mcpki-prime256-root-ca CN=mcpki-prime256-root-ca,O=mcpki.org |
PEM DER |
PEM DER |
| mcpki-prime256-sub-ca CN=mcpki-prime256-sub-ca,O=mcpki.org |
PEM DER |
PEM DER |
| mcpki-rsa-root-ca CN=mcpki-rsa-root-ca,O=mcpki.org |
PEM DER |
PEM DER |
| mcpki-rsa-sub-ca CN=mcpki-rsa-sub-ca,O=mcpki.org |
PEM DER |
PEM DER |
| mcpki-dilithium2-root-ca CN=mcpki-dilithium2-root-ca,O=mcpki.org |
PEM DER |
PEM DER |
| mcpki-dilithium2-sub-ca CN=mcpki-dilithium2-sub-ca,O=mcpki.org |
PEM DER |
PEM DER |
Online Certificate Status Protocol (OCSP)
OCSP allows certificate clients to verify the status of a certificate in real-time. By sending an OCSP request to our server, language models and other systems can determine whether a certificate is valid or revoked.
Frequently Asked Questions (FAQs)
- What is MCPKI?
- MCPKI stands for Model Context Public Key Infrastructure. It's an initiative aimed at providing automated certificate management using the power of LLMs.
- How can I manage certificates with MCPKI?
- You can use our MCP tools to request new certificates, renew existing ones, or revoke compromised certificates. Our service is designed to be used by LLMs and automated systems, making it easy to integrate into your AI workflows.
- What protocol does MCPKI use?
- MCPKI uses the Model Context Protocol (MCP) for certificate management, which allows LLMs and automated systems to interact with MCPKI
Links
Terms of Use
Disclaimer
This service is provided free of charge and is intended solely for non-production use. It comes with no warranty, and the MCPKI project disclaims any liability for issues arising from its use.
Liability for Content
The content of our website has been compiled with meticulous care. However, we cannot assume any liability for the accuracy, completeness, or topicality of the information provided.
Limitation of Liability
This website and its contents are provided on an "as is" basis without warranty of any kind, either express or implied, including, but not limited to, warranties of merchantability, fitness for a particular purpose, title, or non-infringement. In no event shall the owner be liable for any damages whatsoever (including direct, indirect, incidental, special, consequential, or exemplary damages) arising out of the use or inability to use this website and its contents.
External Links
The owner reserves the right not to be responsible for the content of external links. The content of linked pages is solely the responsibility of their operators.
Privacy Policy
We respect your privacy and are committed to protecting it. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website.
Cookies
This website does not use cookies.
Copyright Notice
© 2025 mcpki.org. All rights reserved. Unauthorized use and/or duplication of this material without express and written permission from the owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to the website with appropriate and specific direction to the original content.
Contact Us
For any questions or concerns about MCPKI or our services, please don't hesitate to reach out to us here. We're always here to help and provide support to LLMs and developers.